What is SFTP? A secure protocol for file transfer that uses TCP port 22

CSPS Protocols
Feb 22, 2019

SFTP stands for secure file transfer protocol. It is also called SSH FTP. SSH provides the secure connection and FTP stands for file transfer protocol. This says that two protocols work together to transfer a file between two computers connected over an IP network. In the OSI model both are application layer protocols. Here we explain SFTP in detail, along with use case examples.

What is FTP?

FTP is the protocol for file transfer. In an IP network, multiple machines connect to each other. A machine may be physically reachable or it may be remote. If it is remote, a file can only be transferred over the network. This created the need for a file transfer mechanism. FTP is the protocol that runs over TCP/IP for file transfer. It also has more functions: e.g. during an FTP session the remote directories can be browsed, files on the remote machine can be deleted, etc. So FTP is a kind of terminal where many commands can be executed.

What is SSH?

SSH is the protocol that sets up secure communication between hosts. Before SSH, all the information went over the wire in plain text. This was very dangerous from a security point of view and led to the development of the SSH protocol. With SSH, remote login becomes secure. SSH uses key-based authentication with the server and encrypts data between the hosts.

As SSH became a very popular protocol for security, other protocols started using SSH for secure communication. SFTP is one of them: when FTP starts using SSH it becomes SFTP. So FTP works as a user of SSH.

SFTP port number:

SFTP uses TCP-based communication, so it needs a port. A client connects to the SFTP server, so there should be a standard port for the service, and there is: the SFTP port number is 22. The port number is configurable, though. This adds more security to the server: only people with whom the detail has been shared can connect to the server. Port 22 is the port for SSH. As SFTP runs over SSH, the SSH port is used for all communication.

How to use sftp?

So far we have discussed the theoretical part of the protocol. Now is a good time to start with a few examples of sftp usage. Here we use CentOS Linux for demonstration. Each example covers the commands and the theory behind them.

Check if sftp is running

This is the first step. If the software is not installed, we cannot run the protocol, so we check first. Most Linux systems come with the sftp server installed, and the server starts running at system startup. But there is still a chance that packages for sftp are missing.

Following is the command for checking the sftp server status.

[root@CentOS_6_64]# ps -ef | grep ftp
root     12497 12495  0 01:47 ?        00:00:00 /usr/libexec/openssh/sftp-server
root     13144 12443  0 02:37 pts/0    00:00:00 grep ftp

The output of the above command shows that the ftp server is running. If no server is running, we can check whether the two packages are installed with the following commands.

[root@CentOS_6_64-159 ~]# rpm -qa | grep ssh
openssh-clients-5.3p1-104.el6.x86_64
trilead-ssh2-213-6.2.el6.noarch
openssh-5.3p1-104.el6.x86_64
libssh2-1.4.2-1.el6.x86_64
openssh-askpass-5.3p1-104.el6.x86_64
openssh-server-5.3p1-104.el6.x86_64

For FTP
[root@CentOS_6_64-159 ~]# rpm -qa | grep ftp
gvfs-obexftp-1.4.3-18.el6.x86_64
ftp-0.17-54.el6.x86_64

If either command gives no output, the corresponding package (ssh or ftp) can be installed with yum. The server is now ready to accept sftp connections from a remote client.
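
An added example, not part of the original post: sshd starts sftp-server per client session, so the process in the ps output above is only listed while a client is connected. Reading the sshd configuration shows whether sftp is enabled and on which port; the sample file below is constructed, and on a real server the file to pass is /etc/ssh/sshd_config.

```shell
#!/bin/sh
# Added example: read the SFTP-relevant settings from an sshd_config file.

# Print every configured Port on one line; sshd listens on 22 if none is set.
sftp_ports() {
    awk 'tolower($1) == "port" { printf "%s%s", sep, $2; sep = " "; n++ }
         END { if (!n) printf "22"; print "" }' "$1"
}

# Print the program behind "Subsystem sftp"; return 1 if the line is absent.
sftp_subsystem() {
    awk 'tolower($1) == "subsystem" && $2 == "sftp" {
             print $3; found = 1; exit
         }
         END { exit !found }' "$1"
}

# One-line summary; non-zero status means sshd will refuse sftp requests.
check_sftp() {
    if prog=$(sftp_subsystem "$1"); then
        echo "sftp enabled: subsystem=$prog port(s)=$(sftp_ports "$1")"
    else
        echo "sftp disabled: no 'Subsystem sftp' line in $1"
        return 1
    fi
}

# Constructed sample modelled on a CentOS 6 sshd_config (not from the post).
sample=$(mktemp)
cat > "$sample" <<'EOF'
#Port 22
Port 2222
Subsystem sftp /usr/libexec/openssh/sftp-server
EOF

check_sftp "$sample"
```

Commented-out lines such as `#Port 22` are ignored, which is why the sample reports port 2222 rather than the default.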

SFTP client on Linux:

The secure file transfer model is client/server based. We have shown that the server is running. Now it is time to show how an sftp client connects to the server. We use a Linux example, which is command based. For the Windows operating system there are easy-to-use GUI clients; we will discuss the sftp client for Windows later or in another post. To keep the example simple, we have two CentOS 6 machines: one has IP address 192.168.1.159 and the other 192.168.1.160. The first machine works as the sftp server and the other as the client. Following are the commands for secure file transfer.

SFTP help:

Like many other commands, sftp has help that lists all possible options. There are two kinds of help: one before connecting and another after connecting. For the first one, just run the sftp client with no parameters.

[root@CentOS_6_64-160 ~]# sftp
usage: sftp [-1Cv] [-B buffer_size] [-b batchfile] [-F ssh_config]
            [-o ssh_option] [-P sftp_server_path] [-R num_requests]
            [-S program] [-s subsystem | sftp_server] host
       sftp [user@]host[:file ...]
       sftp [user@]host[:dir[/]]
       sftp -b batchfile [user@]host
[root@CentOS_6_64-160 ~]#

For help after the client has connected to the server:

sftp root@192.168.1.159
Connecting to 192.168.1.159...
root@192.168.1.159's password:
sftp> ?
Available commands:
bye                                Quit sftp
cd path                            Change remote directory to 'path'
chgrp grp path                     Change group of file 'path' to 'grp'
chmod mode path                    Change permissions of file 'path' to 'mode'
chown own path                     Change owner of file 'path' to 'own'
df [-hi] [path]                    Display statistics for current directory or
                                   filesystem containing 'path'
exit                               Quit sftp
get [-P] remote-path [local-path]  Download file
help                               Display this help text
lcd path                           Change local directory to 'path'
lls [ls-options [path]]            Display local directory listing
lmkdir path                        Create local directory
ln oldpath newpath                 Symlink remote file
lpwd                               Print local working directory
ls [-1aflnrSt] [path]              Display remote directory listing
lumask umask                       Set local umask to 'umask'
mkdir path                         Create remote directory
progress                           Toggle display of progress meter
put [-P] local-path [remote-path]  Upload file
pwd                                Display remote working directory
quit                               Quit sftp
rename oldpath newpath             Rename remote file
rm path                            Delete remote file
rmdir path                         Remove remote directory
symlink oldpath newpath            Symlink remote file
version                            Show SFTP version
!command                           Execute 'command' in local shell
!                                  Escape to local shell
?                                  Synonym for help

Command for connecting to the server with no file transfer:

[root@CentOS_6_64-160 ~]# sftp root@192.168.1.159
Connecting to 192.168.1.159...
root@192.168.1.159's password:
sftp>
sftp> exit
[root@CentOS_6_64-160 ~]#

The above command connects to the server; during connection it prompts for the password.

Command for sending a file from the command line:

[root@CentOS_6_64-160 tmp]# sftp root@192.168.1.159
Connecting to 192.168.1.159...
root@192.168.1.159's password:
sftp> cd /tmp
sftp> put file.txt
Uploading file.txt to /tmp/file.txt
file.txt                100%    0     0.0KB/s   00:00
sftp> exit
[root@CentOS_6_64-160 tmp]#

In the above example, file.txt, present in /tmp on the client machine, is transferred to the /tmp directory on the remote server machine.

Originally published at www.cspsprotocol.com on February 22, 2019.
